Analysis
max time kernel: 122s
max time network: 127s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 21-09-2024 23:37
Behavioral task: behavioral1
Sample: b57f0de38340d22996bfc335ba659717c9e3b3edf857bf748ccc5ff4f5620e65.pdf
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: b57f0de38340d22996bfc335ba659717c9e3b3edf857bf748ccc5ff4f5620e65.pdf
Resource: win10v2004-20240802-en
General
Target: b57f0de38340d22996bfc335ba659717c9e3b3edf857bf748ccc5ff4f5620e65.pdf
Size: 222KB
MD5: ee2d1e9901224694dd23dbf6669e805b
SHA1: be7726e26ab8752c368a7a02f8025ee2b8874c30
SHA256: b57f0de38340d22996bfc335ba659717c9e3b3edf857bf748ccc5ff4f5620e65
SHA512: 832ae1cd4e66cef5e02b45d4b6deb3fb76ec0310a5a487c54f71e2e7e150d437f86db989f43da8e1deefc14d6f41a00de4ddec43a621787bd41e562e76dd3302
SSDEEP: 3072:KTR8HtesvmF1jGxPkBz6yOyXGQRpwpGc02VF3VzGB51j7qhhDmW25gxAAuJsdzkm:KTOiDGxPksy2ljVNV6BL3O85gJuOdP
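Before relying on a sandbox verdict for a file you hold, confirm that your copy is byte-identical to the sample that was detonated. The check below is an added example, not part of the report or the sandbox's own tooling: it recomputes the four digests listed in the General section, reports which ones disagree with the report, and cross-checks that the target filename is the SHA256 of the content (the naming convention this report uses). The sample bytes embedded here are a constructed stand-in, not the real PDF, so against REPORT_HASHES they deliberately fail all four comparisons.

```python
import hashlib
import os

# Digests copied from the General section of the report above.
REPORT_HASHES = {
    "md5": "ee2d1e9901224694dd23dbf6669e805b",
    "sha1": "be7726e26ab8752c368a7a02f8025ee2b8874c30",
    "sha256": "b57f0de38340d22996bfc335ba659717c9e3b3edf857bf748ccc5ff4f5620e65",
    "sha512": (
        "832ae1cd4e66cef5e02b45d4b6deb3fb76ec0310a5a487c54f71e2e7e150d437"
        "f86db989f43da8e1deefc14d6f41a00de4ddec43a621787bd41e562e76dd3302"
    ),
}
TARGET_NAME = "b57f0de38340d22996bfc335ba659717c9e3b3edf857bf748ccc5ff4f5620e65.pdf"

# Constructed stand-in for the sample: a minimal PDF header, NOT the real file.
CONSTRUCTED_SAMPLE = b"%PDF-1.4\n% constructed stand-in for the submitted sample\n%%EOF\n"

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_set(data: bytes) -> dict:
    """Return the same four digests the report lists, as lowercase hex."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def digest_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all four hashes at once (one read pass)."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def mismatches(actual: dict, expected: dict) -> list:
    """Names of digests (sorted) where the computed value differs from the report.

    Comparison is case-insensitive so a copy-pasted uppercase hash still matches.
    """
    return sorted(
        name for name in ALGORITHMS
        if actual[name].lower() != expected[name].lower()
    )


def filename_matches_sha256(filename: str, sha256_hex: str) -> bool:
    """The report names the target '<sha256>.pdf'; check that convention holds."""
    stem, _ext = os.path.splitext(os.path.basename(filename))
    return stem.lower() == sha256_hex.lower()


def verify_sample(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Summarise whether `data` is the detonated sample."""
    actual = digest_set(data)
    bad = mismatches(actual, expected)
    return {"matches_report": not bad, "mismatched": bad, "computed": actual}


if __name__ == "__main__":
    result = verify_sample(CONSTRUCTED_SAMPLE)
    print("filename/sha256 convention holds:",
          filename_matches_sha256(TARGET_NAME, REPORT_HASHES["sha256"]))
    print("stand-in matches report:", result["matches_report"])
    print("mismatched digests:", ", ".join(result["mismatched"]))
```

Use `digest_file()` on the real artifact rather than reading it fully into memory; if any digest disagrees, the report describes a different file (or a renamed one), and the SSDEEP value above is the only thing left that can tell you whether it is at least a near variant.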
Malware Config
Signatures
-
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description | ioc | Process
Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid | Process
2700 | AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid | Process
2700 | AcroRd32.exe
2700 | AcroRd32.exe
2700 | AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b57f0de38340d22996bfc335ba659717c9e3b3edf857bf748ccc5ff4f5620e65.pdf"
  PID: 2700
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: fba6ce98a9cb63c07f59e0c10f45c784
SHA1: 0b9699044d4acb384fe0431feac6247bc4c0b277
SHA256: 15628075d3bce912fc7c0e9da118c67a1c094c88556f988bab6ee6d560b4461e
SHA512: d594525218187b0f6829e8d7dbb6560a6367ab1f192320a8ca38c4a564b61bbd5c382d8a18a1f668ad6d8556689496be533a2308dbc407df4571bb6a349ca05b